mod_session-2.4.6-98.sl7_9.6> H HtxHFc: ?*}}IGX죢Q, :q aFJ"j/dK93a2f04aa8ef015186042665f9edca0de9818c7f 4wKe]m6Fc: ?*}}u(F+sV!"MR 9ӗN2:Y3VJy>3|?| d  L :SY`x    . 4LjJ(89:*Gz,HzDIz\XzdYzl\z]z^{b{Ld{e{f{l{|Cmod_session2.4.698.sl7_9.6Session interface for the Apache HTTP ServerThe mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.cϼsl7.fnal.govScientific LinuxScientific LinuxASL 2.0Scientific LinuxSystem Environment/Daemonshttp://httpd.apache.org/linuxx86_64m\x+\Lcϲcϼ^cϼ^cϼ^cϼ^cϼ^51df0ceeb7dae9922817f4af0554f83fe01d6268025ee08260aeed69be3953d15c83b3b87e6aa2144255b7757110636d4364fc55a88a5eaebb85a3c55a98ae4880fc4d2322b11d18b640ceeec595f6adf598e946e54384e0cd31ddebca50dca54c8bdadc7d6050c4cc2fb17da74797ff57b75eb5826fab435bbd3c8136ed9ed8f5750eb352b53821b50bad78cad7ca7a2a6aadf56954ff1b217a65dad5d652cea08b62e3289106afe8e694c6a2d05d982198f58f6839164f1bd8e320a0eb9f76rootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.6-98.sl7_9.6.src.rpmmod_sessionmod_session(x86-64)   @@@@@@@ httpdhttpd-mmnapr-util-opensslrpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libpthread.so.0()(64bit)rtld(GNU_HASH)rpmlib(PayloadIsXz)0:2.4.6-98.sl7_9.620120211x86644.6.0-14.0-13.0.4-15.2-14.11.3c@c@b9@aaav@a^@_}^@^|@]z@]^]A\@\[+@[+@[+@[*A['[d@[d@ZZS]@Y@YeY@YY@YY@YdYp@Y{Y{Y*@YYw2Y@Y@Y@XXg@X,X,X@XƉX•@XCX@X@XXXXO@XO@XO@XO@XXWWW{@Wc@V͛@U@Uݪ@UoUȒ@UU@Un@UY@U.RT}Tto@TXTG@T2@T @TTS@SS@S@SuSǺS*@SSRUR@RRΏ@R@RkR1@RsRrF@Ri RM\@RC@Q@QQޞ@QQo@Q@QQ@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Scientific Linux Auto Patch Process Luboš Uhliarik - 2.4.6-97.6Luboš Uhliarik - 2.4.6-97.5Luboš Uhliarik - 2.4.6-97.4Luboš Uhliarik - 2.4.6-97.3Luboš Uhliarik - 2.4.6-97.2Luboš Uhliarik - 2.4.6-97.1Lubos Uhliarik - 2.4.6-97Lubos Uhliarik - 2.4.6-95Lubos Uhliarik - 2.4.6-94Lubos Uhliarik - 2.4.6-93Joe Orton - 2.4.6-92Lubos Uhliarik - 2.4.6-91Lubos Uhliarik - 2.4.6-90Joe Orton - 2.4.6-89Luboš Uhliarik - 2.4.6-88Luboš Uhliarik - 2.4.6-87Luboš Uhliarik - 2.4.6-86Luboš Uhliarik - 2.4.6-85Luboš Uhliarik - 2.4.6-84Luboš Uhliarik - 2.4.6-83Luboš Uhliarik - 2.4.6-82Joe Orton - 2.4.6-81Luboš Uhliarik - 2.4.6-80Luboš Uhliarik - 2.4.6-79Luboš Uhliarik - 2.4.6-78Luboš Uhliarik - 2.4.6-77Luboš Uhliarik - 2.4.6-76Luboš Uhliarik - 2.4.6-75Luboš Uhliarik - 2.4.6-74Luboš Uhliarik - 2.4.6-73Luboš Uhliarik - 2.4.6-72Luboš Uhliarik - 2.4.6-71Luboš Uhliarik - 2.4.6-70Luboš Uhliarik - 2.4.6-69Luboš Uhliarik - 2.4.6-68Luboš Uhliarik - 2.4.6-67Luboš Uhliarik - 2.4.6-66Luboš Uhliarik - 2.4.6-65Luboš Uhliarik - 2.4.6-64Luboš Uhliarik - 2.4.6-63Luboš Uhliarik - 2.4.6-62Luboš Uhliarik - 2.4.6-61Luboš Uhliarik - 2.4.6-60Luboš Uhliarik - 2.4.6-59Luboš Uhliarik - 2.4.6-58Luboš Uhliarik - 2.4.6-57Luboš Uhliarik - 2.4.6-56Luboš Uhliarik - 2.4.6-55Luboš Uhliarik - 2.4.6-54Luboš Uhliarik - 2.4.6-53Luboš Uhliarik - 2.4.6-52Luboš Uhliarik - 2.4.6-51Luboš Uhliarik - 2.4.6-50Luboš Uhliarik - 2.4.6-49Luboš Uhliarik - 2.4.6-48Joe Orton - 2.4.6-47Luboš Uhliarik - 2.4.6-46Luboš Uhliarik - 2.4.6-45Joe Orton - 2.4.6-44Joe Orton - 2.4.6-43Joe Orton - 2.4.6-42Jan Kaluza - 2.4.6-41Jan Kaluza - 2.4.6-40Jan Kaluza - 2.4.6-39Jan Kaluza - 2.4.6-38Jan Kaluza - 2.4.6-37Jan Kaluza - 2.4.6-36Jan Kaluza - 2.4.6-35Jan Kaluza - 2.4.6-34Jan Kaluza - 2.4.6-33Jan Kaluza - 2.4.6-32Jan Kaluza - 2.4.6-31Jan Kaluza - 2.4.6-30Jan Kaluza - 2.4.6-29Jan Kaluza - 2.4.6-28Jan Kaluza - 2.4.6-27Jan Kaluza - 2.4.6-26Jan Kaluza - 2.4.6-25Jan Kaluza - 2.4.6-24Jan Kaluza - 2.4.6-23Jan Kaluza - 2.4.6-22Jan Kaluza - 2.4.6-21Jan Kaluza - 2.4.6-20Jan Kaluza - 2.4.6-19Jan Kaluza - 2.4.6-18Jan Kaluza - 2.4.6-17Joe Orton - 2.4.6-16Joe Orton - 2.4.6-15Daniel Mach - 2.4.6-14Joe Orton - 2.4.6-13Joe Orton - 2.4.6-12Joe Orton - 2.4.6-11Joe Orton - 2.4.6-10Daniel Mach - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Jan Kaluza - 2.4.6-6Jan Kaluza - 2.4.6-5Jan Kaluza - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9.1Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3.2Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Added Source: httpd-sl_index.html.sl.patch --> This patch removes TUV branding from the default index.html - Added Source: httpd-spec_sl_index.html.sl7.patch --> The index.html file is outside of the source tarball, so we need to patch it in the install step - Added Source: httpd.ini --> Config file for automated patch script- Resolves: #2101997 - HEAD request with a 404 and custom ErrorPage causes corrupt and mixed-up responses- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input - Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"- Resolves: #1852350 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1785100 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1862499 - Intermittent Segfault in Apache httpd due to pool concurrency issues- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect - Resolves: #1724879 - httpd terminates all SSL connections using an abortive shutdown - Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive - Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service - Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time- htpasswd: add SHA-2 crypt() support (#1486889)- Resolves: #1630886 - scriptlet can fail if hostname is not installed - Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values - Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after failure in reading the HTTP request - Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch directive - Resolves: #1633152 - mod_session missing apr-util-openssl - Resolves: #1649470 - httpd response contains garbage in Content-Type header - Resolves: #1724034 - Unexpected OCSP in proxy SSL connection- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest - Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency- fix per-request leak of bucket brigade structure (#1583218)- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple SIGUSR1- Resolves: #1458364 - RMM list corruption in ldap module results in server hang- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which differ only in case- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number- Resolves: #1548501 - Make OCSP more configurable (like CRL)- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db after close- Resolves: #1533793 - Use Variable with mod_authnz_ldap- don't terminate connections during graceful stop/restart (#1557785)- Related: #1288395 - httpd segfault when logrotate invoked- Resolves: #1274890 - mod_ssl config: tighten defaults- Resolves: #1506392 - Backport: SSLSessionTickets directive support- Resolves: #1440590 - Need an option to disable UTF8-conversion of certificate DN- Resolves: #1464406 - Apache consumes too much memory for CGI output- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD using SetEnv or PassEnv. Needs documentation.- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective when it's defined outside setting- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests with absoluteURI instead of abs_path- Resolves: #1288395 - httpd segfault when logrotate invoked- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass - Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference - Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread - Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread - Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS- Resolves: #1442872 - apache user is not created during httpd installation when apache group already exist with GID other than 48- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Related: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines are broken during buffer resize- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves with mod_proxy_http and mod_proxy_ajp- Resolves: #1324416 - Error 404 when switching language in HTML manual more than once- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi spamming non-errors: AH01075: Error dispatching request to : (passing brigade to output filters)- Resolves: #1371876 - Apache httpd returns "200 OK" for a request exceeding LimitRequestBody when enabling mod_ext_filter- Resolves: #1372692 - Apache httpd does not log status code "413" in access_log when exceeding LimitRequestBody- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple successive graceful reloads- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed worker to be retried before the retry period is over- Resolves: #1389535 - Segmentation fault in SSL_renegotiate- Resolves: #1406184 - stapling_renew_response: abort early (before apr_uri_parse) if ocspuri is empty- prefork: fix delay completing graceful restart (#1327624) - mod_ldap: fix authz regression, failing to rebind (#1415257)- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- RFE: run mod_rewrite external mapping program as non-root (#1316900)- add security fix for CVE-2016-5387- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)- mod_cache: merge r->err_headers_out into r->headers when the response is cached for the first time (#1264989) - mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1298148) - mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038) - fix apache user creation when apache group already exists (#1299889) - fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757) - mod_proxy: fix slow response time for reponses with error status code when using ProxyErrorOverride (#1283653) - mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149) - mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495) - rotatelogs: improve support for localtime (#1244545) - ab: fix read failure when targeting SSL server (#1255331) - mod_log_debug: fix LogMessage example in documentation (#1279465) - mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime of DB lookup entries independently of the selected DB engine (#1287844) - mod_ssl: fix hardware crypto support with custom DH parms (#1291865) - mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)- mod_dav: follow up fix for previous commit (#1263975)- mod_dav: treat dav_resource uri as escaped (#1255480)- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)- core: fix chunk header parsing defect (CVE-2015-3183) - core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185)- Revert fix for #1162152, it is not needed in RHEL7 - mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)- mod_remoteip: correct the trusted proxy match test (#1179306) - mod_dav: send complete response when resource is created (#1235383) - apachectl: correct the apachectl status man page (#1231924)- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328) - do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820) - fix -D[efined] or [d] variables lifetime accross restarts (#1227219) - mod_ssl: do not send NPN extension with not configured (#1226015)- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779) - mod_remoteip: correct the trusted proxy match test (#1179306) - mod_status: honor remote_ip as documented (#1169081) - mod_deflate: fix decompression of files larger than 4GB (#1170214) - core: improve error message for inaccessible DocumentRoot (#1170220) - ab: try all addresses instead of failing on first one when not available (#1125276) - mod_proxy_wstunnel: add support for SSL (#1180745) - mod_proxy_wstunnel: load this module by default (#1180745) - mod_rewrite: add support for WebSockets (#1180745) - mod_rewrite: do not search for directory if a URL will be rewritten (#1210091) - mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1170206) - mod_ssl: fix memory leak on httpd reloads (#1181690) - mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476) - mod_cgi: return error code 408 on timeout (#1162152) - mod_dav_fs: set default value of DAVLockDB (#1176449) - add Documentation= to the httpd.service and htcacheclean.service (#1184118) - do not display "bomb" icon for files ending with "core" (#1170215) - add missing Reason-Phrase in HTTP response headers (#1162159) - fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625) - apachectl: ignore HTTPD variable from sysconfig (#1214401) - apachectl: fix "graceful" documentation (#1214398) - apachectl: fix "graceful" behaviour when httpd is not running (#1214430)- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled instead of hardcoding it (#1168050) - mod_proxy: support Unix Domain Sockets (#1168081)- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)- rebuild against proper version of OpenSSL (#1080125)- set vstring based on /etc/os-release (#1114123)- fix the dependency on openssl-libs to match the fix for #1080125- allow 'es to be seen under virtual hosts (#1131847)- do not use hardcoded curve for ECDHE suites (#1080125)- allow reverse-proxy to be set via SetHandler (#1136290)- fix possible crash in SIGINT handling (#1131006)- ab: fix integer overflow when printing stats with lot of requests (#1092420)- add pre_htaccess so mpm-itk can be build as separate module (#1059143)- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)- fix build on ppc64le by using configure macro (#1125545) - compile httpd with -O3 on ppc64le (#1123490) - mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)- mod_cgid: add security fix for CVE-2014-0231 (#1120608) - mod_proxy: add security fix for CVE-2014-0117 (#1120608) - mod_deflate: add security fix for CVE-2014-0118 (#1120608) - mod_status: add security fix for CVE-2014-0226 (#1120608) - mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)- mod_dav: add security fix for CVE-2013-6438 (#1077907) - mod_log_config: add security fix for CVE-2014-0098 (#1077907)- mod_ssl: improve DH temp key handling (#1057687)- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)- Mass rebuild 2014-01-24- mod_ssl: sanity-check use of "SSLCompression" (#1036666) - mod_proxy_http: fix brigade memory usage (#1040447)- rebuild- build with -O3 on ppc64 (#1051066)- mod_dav: fix locktoken handling (#1004046)- Mass rebuild 2013-12-27- use unambiguous httpd-mmn (#1029360)- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)- systemd: Use {MAINPID} notation in service file (#969972)- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)- expand macros in macros.httpd (#1011393)- fix "LDAPReferrals off" to really disable LDAP Referrals- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- restore "ServerTokens Full-Release" support (#811714)- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- rebuild- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.6-98.sl7_9.62.4.6-98.sl7_9.601-session.confmod_auth_form.somod_session.somod_session_cookie.somod_session_crypto.somod_session_dbd.so/etc/httpd/conf.modules.d//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnu?7zXZ !XᢧxI] crv(vX0']{Qcif$Q-,@&wZl)lY֍t汊tդnSrQYXh[bBRox@z4T fۗ aݧ Mi vi [ƘaC%A<;qjIA. e4Z):Z5;uS@ǐ635 X擲5ٳ~c=ĩldxc|,'[kÂGo0T6.syۈo²I[M~2:Wpac٢z~ KL(^i1eE1 'Ӵ&ee(BJCAXhTΰ\yBl()k~)s5O&yqvi" cppKw$y;cBBH]' UOb+wsZ6c >Q\;Ty<;B,Np:DkUBgS;' -5BEoLZy$mXc9YY\bI>I:JLo9)\1u:fi (G_[]l1Hć2A/@IzpLe W&B^9pzu/n\Qj|Sck .?YFv L BNO>wE'_:/-LHDBjM:,N_++rU`G8^gZjL9 /EyŽp(ՠ㟚`6:= #h 8tKRwS(#ӬЗ#մIm㵊R8>5kvX-k"\l,%I`z9qeurx3vڜYvœ;H!SQq`_eXڲ=U?/@ s<#)Wpo8'}pkzj^0"oo~ǧE:Ʃc/\ 0PGMAWݣ~{)v>xgk9?4TXբ~lf@ t'?8>?Hah+Vc=ngFzW9 LEiZ|e θEyX/cL_rJR܉$>TFMVО'3BhU ^^ǥ9/ -E~Gv*p M hzGiCjM ,  6pr=8BC j..j*xo(_t+u `Olsfո,؈֊wQieDu冭8$6B)$J:7D?~ &FmUOB ?OI(>T]-P H* = ~AoѷA*(6q^z˔,4M>yKNAfz>ĝG O ~<tie[ڐ0rOYlRfZߨ/ש`N -3 jk+KW(uG 8i"ȫ,EfhNf\E&JC7VvkZ;?{%xL׈w+RKGuU𔠛]WCVg6fKp'iF [m'In6*܏hAEX ` (lċړ[ >)Uw0C,zAt6xE,/xoP/QXT9_ x\e]cG*ISQluAʡpj^ $ݣKF2r%$F8q;g'x*.>/Q(f`yꖟtFJ==cU~ǵ!il{^~lցQY @YY@pB'm3! KqmzSUffElE/FWd3uبN=y^;ax~~. SCޭ2! XL~>M}Hgr,'+!Sd:SnKqT S1F[>K]:/Ш(JwIu]ea|]ؓQ2o_XcHJjT5cZc5?4.r@̹rЪbnE:q卑蠓}*K.sv4Q%wӑtvh_#yPK@528}![t`Әդ1.? - K3\ιP;Lkz#i ؉V1nŊL9Jmlw"E9u"/{|Q4{]*2ò2s<[Ca'fq; mA X!@L,S"f&zOS@^3O^5D @bdh|l[z`3) 5=)Rض@ J.;>Z\a.#!0[{]]-XJ|ieAFV넇j nO@Ko^n9'{1wrh u8962 .3G\=0?³$˞<:xt5 (Tsg"!0N=Ȩv\S<6"LϓStZ/wX:١v ƨeb? ^q`OIw*xAB hgQ1xCd,zz, 3F&B W΄D3S^}H)e$٭cEM +IWnuȩ>*<[n1up3$5/sXc؞&_ƒqN;L`M,[g.+񦳸6Mne1'uMRлp]4{8_Ny(+kaկ- y:TYn l77gNw/rVޜq{t>a&May,Vŋx%ZӮf77"#GoxG=8]02T$5U9s8d W< ը3kzJrrǻ}YMЉ:U`($ g֮r+ZC8<=VC!ex]\"3iQRQ9̰rGܕѰ8 HOdy9޴Ceϝ z(w#+./ yv mm\bs,} .ʈop!Կ4BZ"wO@+?n=N-A`45T)xk<Ӵi[aUMK`dwu4˶^ _}t|/uZIJ~%iw,xU\fhm  1p`$JwLOy{RǝDF<klBϖ- ]ڎݲyGhn.iͪ- 2# -nXvCˍ*p&K`fzxl z|^Ld6Aߣpvy8p{B8mH bWB6 ?@D#M|0ry`w+l*绸V̔w' o纾s#{?CN 8QζqBѺB̭#l5PjhdZPMﱅ7^vB> KJN!X@7: e`ľqT-(<κW3Px3MQ:Eļ-.)bPؓK_p 0snU) #pI#̇UTˆ[EN˞B宆]CmXg`9A4f,v!EG}ZiWx,Y<>R\{I"7sY߿53Zfi _ߩ6,)7y3":J胩-勛xR⡽!19Na|& E:fp!vr fd:[#?POZ9*|&r(r.҂ĸnoKtZݖx&Mh56Դ/0rrf@%$&KeU27^#[F)?kbWPL{}Y'qw/RgĿ1Tw,#(\@7xe7 yj?LerӦ!Jk5\xS{Hom *qI.gnc&.Jr" "Y=PPƤm*<0k5Wqu Xu&nF rs`cY*97x(VvwIR_s&e97d{ A0ʣM)2E8I^pj)T8L(zJQׅ k->pjʊf`t0thyAԄW"@-]"0caZM 2\Y <%. &z`dZ(%iHVihA$I9~4BpjQ7 C &ґb9B9jY3d-j>qZ?X]; i\Gިq<Z.V̛ZѓP3ςyRn򣻣M3w7[5S"F\4V-:UHq*w" O4}r.J&p3]' yvAjy]˼̪tF%8[*#3v2o@Gݕ@<*<ruwF]Fծn1QɊs6a^}GetH#(pp(N%tBN09RϦIvhiF|Ně;b@׽T d\]ռ8ympuî9 KKRW!Wylɠ7@C.r3JKgaQiXBLـ`s.}$$V]Ack8"Ib8Rר?uu2<0 y(L[eZ.8b3C %7G @*m31j. Az$ZS "i\C\hvFQ!KE" qpoxˉlx.@uַl%. K!J,P.D[zE-t8+H1h[~UW{yGM?dlsXIq/3P| k껱$5ar>}d~GˎzsCfgzK nt o !e*2fڮs]6{lf4R@vWŽURD>]\ lMt>*Ԣr'D\Cs2GΣUEul3@|s>Lv|E!kJ՘P9.x&^f)-E6 oenPS.W1KjC4>Fc5f,JtP٫Ľԫ#ܻ$<|璁Z j7ԱOj1˒ză{MFAYqJue-5Dy@WE%c.T_:a Q!qQ8ըU1! $ρ^N v{5Dh&8Pt[ ׸, 4Q$ga F>d) )49ۣVWPes %`~V kWߑ)l*˽9 wCwqfypRVEd,L.ɑMzMsE2]Eڏ xds]\\Pn2|٬b[Y : t[(@ L_*aDWX[fYܹX^З tWVՖ6@OY.w 2p zgXɢӄ0EYGo2X}e fi?`GlH,by\ܑl]վEQ0D"eV tfF ٓQF00mq1BL)0QѣULH$dDؘvÙ(S YC5PEdpo_͛$@XYC}P6B2CԾav+'d4L/<0)&0] }4fs8'.ѦH)mz~$\'tR qRgHk,F7:u\c=<æXivz9MLǡ+–=yNГFs) a9_p&{w y>ҴIp6=YCf OmȐ5]7_iEͬb ;⫕S:At{6r^ sr{"ߪ҂zxJ*]HP,֫4>2(!-da`p!-8>;MNK =T3"Jd*M@>e4-) G3!g\u w>TFP>X#c2} B,,6$}wPVg%!$V45'zTDX+0C~*~ߖ;Ԣ^-j'N3s4n_uQl?^1>6lHEIAb*maRDΰ^3 v$ YDTpH㢡E*R׈4.X,WmB.)3QWО70x(ctyq`s浳;1EkO'bD  4y]XM t趎m:B.KQch+x(u*[s#A+B?rΥ$@GucC$qd`-\J;u)~iԤZe:Ǩכ Oye4U^2SBĸ0,עbï(xǬԾ]/+X"hܑC?A"ֳeApIT"WWLt/g[$5b x-}30~`@t"QX%`(ER*x5VveWQθ^˞+ٯ!`a꒣vYm%(bRx]:;6~83RЎyӌt,^|\|`:9zxR|FD4epڥ=XrjP(X8֣"'2~Df ga[BLI㬒R_4|c6~^ B4L|8Rڜ%uͥYחLw 35s=HϿqyjw :MrpQ̲W@K*wW|z4[8TtP fyѧS8df$av#BG]7_q?zKl1,^h1!Űs%41';?F.t.wZkLK´14g!Diy$9пh0z5/V$NLb/%5.I?gSY{|\1ǕaX]5Zh1xcnI^5MgmOR|YJaJ!}_eW O'qAlyUcSA "ޛhQkP;:ֈ[4x̊УËtއUmftdhy 5#D|t'@34oZs3;j_ AGSCm/ 7;b H[Wele$Ic}Yf?sS g5,@'Phk'pUbzbN̅)A_+5DXp1v1 Va[Yo{4][C|YF[9ݧXdKXXGe d[Yhx9Q9^W̋Rf5ǽ4u0ܰ}8jn:͎w;jdsvqdnݿ*rEiWuש X veO=c,kHF3d*i R!>8LP~k$,wQM5e++@;Ղ |\x8xY`? Zjg.u7|+C|pjٞS%?A牾 9^uPInu(^ ۓeZء"aӟ+ٸ14WzѦݭvc2A1+Bҡn%MkՒG;rBAOwȐ]>gzBrXZQWDki}=?9؝^l|e\΢b-xpͨtI3n:05G;Vs:S4魗0Eϔ=^hԟ2g֞Ymɦ08|R=%n- u+ejZT$}ͤʔ'Qlc4ZG)j)?[ "c!Ma hR70ԿmwbZZVV|9^/UsO]ӓ - g)GWa9#&N`b;ˣ}X}PZ-3kuɜD2§ZdkegsGyccGpam": pL-U]AT ҖLB\: ǜOg<ݩn?"r1ҵNow!$//Y\1by '^Й٘q!ܹ]H ~ԩ+}J9EALn `C׀uMf룘k3P/>d,33k T"'b[B-1غb]C=*@"+LTdܪ f8"n!WH>Dea<>p(UpIK Nx!R "pxG4F5utH܄dRyOH9dTqy. %vmU+^Xbuc${%&wWQv)3z9)'=Pp^r32țP[f͟VXobU=Kr{"5jp/1$kFB,6l쁴My97Кc[*3^iۜud^( ?_?%dYjj5=yW !#d]1l|1O^ %XV7"΂sFB35M}¾hI[%Ke^CvZ{]wLܘ9VD~Ӊ=Cwb:E]n/QX.o[/OE7rۊnUF4i˶|+ٞ Ŷ= N]]ֳZƒy0WU =f?WLEޘvM #̤ =ңWsĨΐnWF&]'2=F#@osNz5 qevߒi"E8gV^ 9-h_*ׂ )׆"'FRϦa^f(l GH]mRJb1 凊,'R5DqMט43 ~͋9˩XQd/UfG|t8 bėXQ |>IxAiQ x~04&- Ou}@/ 6;5'$ذb ҕim66@t H_oLIo*Ci`jGE6 o]ҏtc9L|[w 33ž8f[2͚Gt?!0߅NK:S[ ORfejL;mH+?z H‘48m_Af@[zLxb4,=S 2-qJOmF1ќ}>Ό{Պ.!~ [HFqZbVo=4{NI%2Хjѐ}V},(]Q;\Xi 4*Ż`b7{./ě@@ls4]%:Ci!U,-R^q^d~?$1)I" ki hZff!T)ɱ`QYa&?$"mr Qbw٬3*JK61,@ (DT_-B)=@Xϒr0b%Pv19łcr!UkۜGO85Ww2hb82dAd״:J<'N8sBR`|x;R-k\{!NG~UofWҏy><3 )z CV;)9\#aDB9_=e$4á|P7u+ .x㜿cA h-==Z5xb$o }z݌ zd4;.X| 5$6Ր]hSj 2x&3(Ȫ\|þ!jӲy)XB},4{M9;C!4Ml% ( gPBGj+" Dtτ7StN~+>œ'DU ­G71!^ qg Icm͍voƫpjh;̇̈Т H (HI BַZ\.gaŒ#Y'+][uk-–&F'Is f EOTު?\xTJm:2L=7<_>FqTOSKF[=[r٤ˈCc-UƑ5^/30r6Z -9%6) VK۸d %_VHP=6g>Wq;}麬b3A@2E?~@ Z^l pPޏW|U|z|oاcCYTh e|&QVE^}uspZyh-6}hΘWD/Z6xΚuHcA5ֆn)àBǥw -B(z'zؐh2G"kݛfGX2v_EuZnȩFdg݈p+ίgˢTv+;ť;$n/r;N+[Jaǭ SI∿4g-/N-l0|?_&gǹ L!k5K6;Ǵh^lVz\4Oikۿ<:;D0|QE(4!jX66:|Ťç-L 'Kk'tL]% 2HZWU!%C5ہYB=@۪:+jWb.0H%Hnd&Z{I $Ȃk|ǃ[Bc}77@?Jc6 nz31ld [\oEG D`|m3XY?,>URV0M;Q}$˷Uq"gp4Ea?j0C'~q0 *$% 0l ?npD$>]ZIfT10ުwteE1ʈt՟Vnķ{`8̕k#o\r^U8ͻ>v9J+0~[SPwfSgTO&<-Y?Kvx0s_+m §eVmMBjH a͡dsk3O91otyYa *J)og\qNۑ$8]k'os}rf;Jm~O"Pj*q_;rwHuUAcf'*](9$Ǥu}DE c5/1"5#fO\q"}L+%_!l#{QdxO>7|(gڝEfCpA#y d` *2%/'PM)1Fw4#eݧo;'}*j'Jb}@{xxWZFOc@MnKsNPKm>rF/\6jIș_8 9ՋfxԴ »vU={[p77#ԉ@Ńqq U.rI8/AĐt$׼o y':cR7+rMQdv&쪑Nqu?G3 MB;Wx-:1h4F}^q&: [s|>a?1!ymPbk-ÐoS m-4k44CAz 0ljn5Vk\x@g oqyr\ aN'$'ܯpq ^fHArӉ K$o) C;8%u3OWאX>y\~MKMdGy, CMOr ¤:j:N㩾3AHpWL;H׭k=PYYC=Rk8ߟ]7(N71̔0W Mmq]s7m rgѬd1<-brH~ q W:[癗QS(tQIٸm휈(jwS͙Cj/YP+rRPl0TjY""~fM m뺀Ո V?HyۆR{_KMz^O/ڝ5Hۢ-cQIΖpSq {u=~]$AdHD wt2ݻiJO<;f\ۇ `s{DXIsͮ3߂ 7;!}ہ:S_ʩcu`$:muCfAЬ?|}z /ҹ?K@} T ``r[`bid s"cM$,q(y녳е}rFod&#`kf[=}0b TVi&mE<詠0q7YAQ>8'2ʿ?{:v~ ӮׅOS4 $xp62Eq^Vjlzrp~ְƍkXD- dy6]"xB*+;g~ϳ[ ظzSɜ@N;xՂ: '@\k_= +VwTMHjVoZ+ +[ge?!j'TBIrz{/J * < B[-1`>=3D˹G3l-KGmlcW15U/g ;HT;ə#njIF\fg '$ pWI628P$k茜+!-us/载e ldV؇xʧܬ #2u:l"H4?EgŞ]X)ۡG]Yj~8bP%r$hPHfimfin#bZ+JCc-<^nMWr_%iYqD 4@awk9y733\ލ1WvzYE+4 p%lp(7Dm[]t 0p{N^;ѮK!>8xΡ_?.\GJ"Ŕ p a2t$x0& Kd3jҚF,f.*f2pkI y3v6X yq٫񫛮1`os7'wS`[`2\/^Ft~_ogb #DIr xv(r yfi ;|pk[[4:lcہq1ʥҩH&ϥP4S Ce݅oyX 2o8NN37f,IWj\xKK(WQ~<3E|U*!WYt:D}Av[B /#i#W1^QOdJPogQ͟>S2 /cFÈk24l bJߙ,xo7{s@Bf."Uwݷ9mXѫ~0 \̮$9|Lh= +]F#U"Y#Q{[kx;I_&} Oǔ /ϧ%3$0~lGFV}[A|ڪBbc-"83eJm&]XKn 6|Ѫ!~^$Ig(K1C, 0.3zY[\?\V5^nscDaBǭ=rTͭ01qfW=wKWiބHq?S"^Pq"b\8_xvI,X #$&b5J-ְ!Qh2m a[wlmI ~?uvA}3y*]1vpt8/𬢹D"m56%\Kl[u9Q<{}󫪙qϨnj?P'*|Wa:,rX+Ըva$JPB<xlQֽxԜbVuͷ^3n?#zJBK$}3$g+()DcPj5-mZ#H W jCe!O?ưmW D|K_-T2mEeE9 kᕈ (9+VUɢЭ̋(IYpN@V'%@lnY mZFR5wN49AKʪV<ɷEJB!25MZ%hѮncHܰDm)cm-alĝj?JdL9b3Nyk.""9"met 2V~e-pG' ߰poN7Dk]Si6y&rO`A zg)t>?(J+~+u*DޡEbZBP)l/ㅤE^T&&,)G`֏B0PYK966} >\@dTX]'CM,N%tᒿ[aaNM]yb#4ԮRdupu.ez/tàH3׎H{~=wQ븣]9 2a#<GirqXƵQS@ƾSSp1m7FI*>.@=zwKJpw*'~B)qrgV*Z}_x.*\a~xV"+̂*ju.2Vcm͋əG͋*گk:hD3}'wsqs8-+= rFzB{jknT N-svF`E#_|>"v:liI\} eC *'9'{&]k{EUc,`HP,vS_W mmO-=Tڊ\S &ZNV#o "ǒP)d[hTH0 b+n}jHk6pWq|8&A?a,$YJōQVm{9ζQ+_hL'\Bln@t_V];:fhȣ'qj԰Z`n znԎ?TǏ5U ,}D`|mQhsONs_XqE=b~ ^YpRf< d˔b} 7#6!6z:i<' $dNɔ;rdžs F&'X16[LM6'^YŒ:UB6Ŝ ܜ)S,/\p0Ekx{FoJ`?t)HpǚԆDxE3${𔆞')οnڡՕ (Z⌵g3iwdoR?[:BFw='ye-ݤr%S 9zאcݢ,m-6Ku5fjHe^S0Dea |:O(N:=z#\XJB }lLif-Bbˁ\،d]aKlt$@\㗤)|+&M<` "B|W~_ Ojy :~֓?'V4;&7sVýśPc LKYHOCgD?Cvۧ3Romr QTz*ĺq`IE./Lp rm} _`g4;GV3ǃ` Y1yCf~t5itPJQ0|fJm=K.tkKbQ` XcxOhth-&erQ6OpÀD]/[`oBTfIJ0~S=u}Lo_N`3ł4E ǗZ'BQ~saa/~ս^⨍bCT{Zvq'YTeC+A= & ̧a xq4(^Vxqڑ$ ,‹lيx8>VN{Ah 1ajA_z+̋&KTZ+5ԛ DPiy ݕ{x̤Df5^LFQO»"]N^k}UNb~ӻK5kw򗥙ByV) 6@%IZG*OT@#3Ng|lb19r_D Vae4IWhje7 @XIUR Jt8?cޤqBӽ_ -. F6̇Zzce F8VRz;^uMRn^>]z%؁3!&eYPNNm)ޮbL;Pk1N>_F"O5.\+#\dxH56GΪ1#gO5xtTvYkrjfi[djQ:n|M$lS]^nךY XNƐ #}x Uwa9 y·*]`Є٩$KYe.{=h\lwb4|i#-kox :j>zkE tiݩEݔi ''qt-yj :E@&p{4ѩ@{N[1y6 Zc@N(; GsEu'E6/(@xb΢{<50Z<jsC߇2I:/(=}O^p^<ܳɎpMpTA녚#r ˂` @Z܌ox9lYI. 'ES;=P^9d" lԢB{[ڶ~ih?ZX?)Ei(M^FY;;QQoV1d<]䂥s1*2R4+PR:a]˒Sӎ(=l`8cCHG 1 ] evG[mX"VT28k0IIULoCȲ;dc3*)*M~5?iրܙW.%[_(=e*2djߧc^&};Kכ@Pu*'Ycp}!QE WZ>1 D[42Ci!N "g'E ܺFW5މLAJ?Rcdl͇VוmJ&XbaبR4VU8WPnI-?q6q%FPkKH\:˕w=qQp厳|Re[uAo無;زwx$C%Wڗc(TݏW#yPj "s (=h7Hxó* E'CbuYY.>qCC?XirצEUWy.(kwcMG/6@z4!6bJEg@lZ`vKlcOG"k ܸh2.U8g24'ڪdĎ"^9B2CBD0cLj=(7 -# =y~@bjok^SJܓadbu""ՙr")+t|1 ;|3DDW'z$wIK?){^Ci+w.lZ7ku\{䖢C^!KBȝ*1dϖDO|e4As(om{pR0,X> HA_US=NVSmBECjMMYDŊ\\N•Ő*]?Ym{0}J6>~r:_9JN ז PKQ#C_ϡr?Cq褼k:a}wy 4UýpmZ)iw ޣބ* 'U9Yzbsg#)bs /o_~.S_ZnJ>03|I?O$$Tד Xs;ќF@<מ Ox2h_OsH#hdڱy~+qվ/xx2F zvJfP5n kpi < R!)WkՈwt(>xvqlo88\Tq'WM¼V9>$祟xi=s.3{#9ؼ\[lƻncdL`CV8Aj UXqG: {V /+&!62 'Ϣܴ]cuLVDތJᢒU _oRG;|sz)N(us<~*gmQ JPy?h大geU;D݂A>Ѻr $qbIU RF~6 |wF.C9[޻H"O(XIx,*C9d* e 8LOfT1 N%9N$Vh&o{,aJLęx-Qlm[N*Gb~_3@G|HҖFTY6/f[v5ʼn 86AXnL م})Q@\U<ό*R80a^p^S;'lpdȉPcT YZ